
PSA: I don't believe that Lenovo should be trusted. They sold malware-infected devices in exchange for money and have a long history of subjecting their users to privacy and security problems.

With the Superfish fiasco, first they insisted there wasn't any risk: “We have thoroughly investigated this technology and do not find any evidence to substantiate security concerns,” (https://www.techshout.com/lenovo-denies-accusations-that-its...)

Then, once they were forced to admit the truth, they released uninstall instructions that still left the systems vulnerable, giving users a false sense of security. After security researchers started making headlines about their flawed removal instructions, the company released updated instructions that actually removed the vulnerability they introduced. (https://www.theguardian.com/technology/2015/feb/20/lenovo-ap...)

Other security issues that never should have happened include multiple hardcoded passwords (https://www.bleepingcomputer.com/news/security/lenovos-finge... and https://www.pcworld.com/article/419336/lenovo-fixes-hard-cod...) and shipping machines with crapware that was designed to send data back to Lenovo but also introduced a vulnerability and, worse, was stored in UEFI so that even after reinstalling the OS your machine just reinfects itself. (https://www.pcworld.com/article/422988/lenovos-service-engin...)

See also: https://en.wikipedia.org/wiki/Lenovo#Security_and_privacy_in...

Who cares how good their compatibility with Linux is if you can't trust the hardware it's running on?



This whole post is about Linux support. All known issues, including everything you're linking here, are about Windows.


Windows users were clearly the low-hanging fruit. Even as a Linux user, the fact that Lenovo was perfectly willing to exploit and undermine the security of the vast majority of their customers should not bring you any comfort. The fact that they've demonstrated a willingness to infect their devices at the firmware level shouldn't either.

We have enough questionable hardware and binary blobs in our devices as it is. Why choose a device from a company who has repeatedly proven themselves to be undeserving of our trust? Why assume they would never target any other OS? Especially considering they've been increasingly marketing themselves to Linux users?


> about Windows

It's not about Windows. Lenovo sold the privacy and security of its users by putting malware in the BIOS. This time it affected Windows systems, but who knows what comes next.


Thanks for this. It was actually a motivating reason for the poll.


I kinda view these as entirely different companies and IIRC Lenovo was even thinking about splitting their computer divisions into companies with different names.

That is one thing Apple really does well for their brand: only sell premium stuff under one brand (Beats notwithstanding). In contrast, Lenovo has a mixed reputation: Thinkstuff never had any of the issues you mentioned, but is still tarnished. Similarly, Dell has great high-end stuff, but awful low-end, and Samsung just has everything (and washing machines and...)


> Thinkstuff never had any of the issues you mentioned

What is "thinkstuff" in this context?


ThinkPad, ThinkBook, ThinkStation, ThinkCentre etc. Basically Lenovo's business-oriented products.


ThinkPads were absolutely impacted by some of them.

Lenovo's SHAREit software was preloaded on ThinkPad and IdeaPad notebooks. That was one of the hardcoded password issues I mentioned (along with other problems).

For more info see:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=2016-1489

https://cve.mitre.org/cgi-bin/cvename.cgi?name=2016-1492

https://cve.mitre.org/cgi-bin/cvename.cgi?name=2016-1491

The fingerprint scanner issue also impacted ThinkPad, ThinkStation and ThinkCentre devices:

https://www.theregister.com/2018/01/26/lenovo_thinkpad_finge...


My ThinkPad T61p suffered a different problem: It was bricked 1 month out of warranty due to the GPU, which was recalled by Nvidia but Lenovo refused to honor the recall. Instead they wanted to sell me an $800 replacement board with the same faulty GPU. There was a long thread on their support forums with hundreds of people complaining about the same thing. It has since disappeared. I've never given Lenovo another dollar.


> It was bricked 1 month out of warranty due to the GPU, which was recalled by Nvidia but Lenovo refused to honor the recall.

Did they actually issue a recall on those chips? Someone should update the wiki which still says: ...neither nVidia nor Lenovo ever admitted publicly that the chips were defective. The issue was handled as one of quality control with no "official" revisions issued, and no recalls. (https://thinkpads.com/t61/)


Hmm, I'm going by memory but I distinctly remember reading they were recalled and that Dell among others were issuing replacements for their systems with the faulty chips. Perhaps it's true that it wasn't officially recalled.

Also your link mentions Lenovo did briefly offer repairs in 2010-2011, so I guess I could have taken part, but that was about 2 years after I ejected the company from my world.


I just noticed I grabbed the wrong URL for that first link. The one for the “We have thoroughly investigated this technology and do not find any evidence to substantiate security concerns,” quote.

This one works though: https://www.zdnet.com/article/lenovo-says-superfish-not-a-se...



